limit number of ssh connections

Randal L. Schwartz merlyn at
Tue Sep 20 00:11:32 UTC 2011

>>>>> "Григорьев" == Григорьев Александр <mr.festin at> writes:

Григорьев> If your target is protect freebsd box from bruting passwords
Григорьев> from inet maybe security/knockd will help you?

Portknocking adds only a dozen bits or so to your password.  Do you
really think it helps to go from a 1024-bit key to a 1036-bit?  In other
words, Portknocking belongs in the "security for dummies" pile right
along with "turning off your SSID announce" and "use MAC address
filtering" when people talk about wifi "security".  All three are
useless and give you a false sense of having "increased" security.

The real security is disable plaintext passwords.  Then no amount of
bruteforce will ever get in.

Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at> <URL:>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See for Smalltalk discussion

More information about the freebsd-questions mailing list